lwip-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [patch #9576] Adding authorization cookie management

From: Mike Kleshov
Subject: [lwip-devel] [patch #9576] Adding authorization cookie management
Date: Fri, 2 Mar 2018 06:42:40 -0500 (EST)
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 
Follow-up Comment #10, patch #9576 (project lwip):

> IMHO sending password continuously (encrypted or not) in query string is a
bad thing. For example, query strings are saved in History or Bookmark from
your browser. You see the query string if you print the page.
That's not true. Requests come from javascript (XMLHttpRequest), so no
history, no bookmarks, no URI when printing. You'll have to use a sniffer or
fire up browser's debugger, but in this case a cookie is just as visible.
> This is my opinion and I hope you don't think I'm trying to push to apply my
patch.
Same here. I'm just trying to present arguments accurately.

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/patch/?9576>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]